[PATCH] D28297: [StaticAnalyzer] Fix crash in CastToStructChecker
Daniel Marjamäki via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Feb 23 07:48:54 PST 2017
danielmarjamaki updated this revision to Diff 89507.
danielmarjamaki added a comment.
It was reported in the Bugzilla report that my first fix did not fix all crashes. New example code was provided that triggered a new crash. I have updated the patch so both crashes are fixed.
https://reviews.llvm.org/D28297
Files:
lib/StaticAnalyzer/Checkers/CastToStructChecker.cpp
test/Analysis/cast-to-struct.cpp
Index: test/Analysis/cast-to-struct.cpp
===================================================================
--- test/Analysis/cast-to-struct.cpp
+++ test/Analysis/cast-to-struct.cpp
@@ -65,3 +65,17 @@
void *VP = P;
Abc = (struct ABC *)VP;
}
+
+// https://llvm.org/bugs/show_bug.cgi?id=31173
+void dontCrash1(struct AB X) {
+ struct UndefS *S = (struct UndefS *)&X;
+}
+
+struct S;
+struct T {
+ struct S *P;
+};
+extern struct S Var1, Var2;
+void dontCrash2() {
+ ((struct T *) &Var1)->P = &Var2;
+}
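Review bot: The two regression tests do not say which side of the cast is incomplete, and the bug URL comment sits only above dontCrash1, so it is unclear that dontCrash2 belongs to the same report. In dontCrash1 the destination type (struct UndefS) is never defined, while in dontCrash2 the origin type (struct S) is only forward-declared; a one-line comment on each saying so, plus a "// no-warning" marker on the cast lines, would make it obvious that the tests cover both operands of the new isIncompleteType() check and that silence is the expected result.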
Index: lib/StaticAnalyzer/Checkers/CastToStructChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/CastToStructChecker.cpp
+++ lib/StaticAnalyzer/Checkers/CastToStructChecker.cpp
@@ -84,6 +84,10 @@
if (!VD || VD->getType()->isReferenceType())
return true;
+ if (ToPointeeTy->isIncompleteType() ||
+ OrigPointeeTy->isIncompleteType())
+ return true;
+
// Warn when there is widening cast.
unsigned ToWidth = Ctx.getTypeInfo(ToPointeeTy).Width;
unsigned OrigWidth = Ctx.getTypeInfo(OrigPointeeTy).Width;
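Review bot: The new early return on "ToPointeeTy->isIncompleteType() || OrigPointeeTy->isIncompleteType()" has no comment, while the block right after it is introduced with "// Warn when there is widening cast."; please add a line explaining that the width of an incomplete type cannot be queried, so the two Ctx.getTypeInfo(...) calls below must not be reached. It would also help to state in that comment that casts involving an incomplete type are deliberately left without a warning, since returning true here skips the widening check for them entirely.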